Maintaining Known Hosts in Solaris Secure Shell
Each host that needs to communicate securely with another host must have the server's public key stored in the local host's /etc/ssh/ssh_known_hosts file. Although a script could be used to update the /etc/ssh/ssh_known_hosts files, such a practice is heavily discouraged because a script opens a major security vulnerability.
The /etc/ssh/ssh_known_hosts file should only be distributed by a secure mechanism as follows:
-
Over a secure connection, such as Solaris Secure Shell, IPsec, or Kerberized ftp from a known and trusted machine
-
At system install time
To avoid the possibility of an intruder gaining access by inserting bogus public keys into a known_hosts file, you should use a Solaris JumpStart server as the known and trusted source of the ssh_known_hosts file. The ssh_known_hosts file can be distributed during installation. Later, scripts that use the scp command can be used to pull in the latest version. This approach is secure because each host already has the public key from the JumpStart server.
- © 2010, Oracle Corporation and/or its affiliates